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-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address » 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

. - If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply wit), by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )I3 Responsive to communication(s) filed on 1 1 February 2004 . 
2a)D This action is FINAL. 2b)|3 This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-24 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) 03 Claim(s) 1-24 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1 .121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 



3.D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 
Response to Arguments 

1. Applicant's arguments, see page 1 1 paragraph 1, filed 12/22/03, with respect to the 
rejection(s)of claim(s) 1, and 13 under 103(a) have been fully considered and are 
persuasive. Therefore, the rejection has been withdrawn. However, upon further 
consideration, a new ground(s) of rejection is made in view of Hsu US Patent 5,982,898. 

Applicant's arguments filed 12/22/03 have been fully considered but they are not 
persuasive. Applicant argues that Lipner does not disclose a directory for storing 
authorization information. As Lipner has been overcome, the argument is moot with 
regards to Lipner. However with regard to other references, it is widely known that 
computers store information in directories, so that any authorization information cited in 
a reference would be taken from a directory. 

Claim Rejections - 35 USC §103 

2. Claims 1-3, 5, 6, 8, 10, 13, 14, 15, 17, and 18 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Chapman US 6,058,484 in view of Hsu US 5,982,898. 

As per claims 1, and 13, Chapman discloses a certificate authority issuing a long-term 
public key identity certificate (certificate) that binds a public key of the user to long term 
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identification information (identifying information) related to the user, (Col 7 lines 57- 



Chapman does not disclose a short-term public key certificate. 
Hsu discloses a certificate authority for issuing a short term public key credential 
certificate (certificates that are short lived), (Col 4 line 64-Col 5 line 5 17-22). The 
certificate binds the public key of the user to long term identification information (name, 
CA signature) and to short term authorization information (expiration time, authorization 
code), (Col 5 lines 1-10). The user presents this short term certificate to an application 
(server) for authorization, (Col 5 lines 14-22). The client demonstrates knowledge of a 
private key corresponding to the public key in the certificate, (Col 6 line 61 - Col 7 line 



It would be obvious to modify Chapman's PKI system with a short term certificate of 
Hsu to eliminate the need of a Certificate Revocation list in order to reduce network 
traffic, (Hsu Col 7 lines 11-13). 

As per claims 2, and 14, Chapman does not disclose a short term certificate. 
Hsu discloses that the certificate has a time stamp (expiration date), (Col 5 lines 23). 
It would be obvious to modify Chapman's pki system with a timestamp of Hsu to state 
time of validity and increase security. 

As per claim 3, and 15 Chapman does not disclose a short term certificate. 

Hsu discloses that the expiration date is sufficiently short (limited amount of time), (Col 

5 line 17-23). 



67). 



3) 
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As per claims 5, and 17, Chapman does not disclose a short term certificate. 

Hsu discloses no methods of revocation, (Col 7 line 1 1). 

As per claims 6, and 18, Chapman does not disclose a short term certificate. 

Hsu discloses a short term certificate in a non structured form, (Fig 3). 

As per claims 8, and 20, Chapman discloses using a X.509 certificate, (Col 8 lines 33- 

43). Chapman does not disclose a shot term certificate. 

Hsu discloses a short term certificate, (Col 5 line 17). 

It would be obvious to one skilled in the art to modify Chapman's x.509 with Hsu's short 
term certificate, because the 509 format is supported by a number of different protocols, 
(Chapman Col 8 line 43), and the short term certificate need not be checked by CRLs. 
As per claims 10, and 22, Chapman discloses memory, (Col 9 line 2). The long term 
certificate must be stored in the directory to be retrieved. 

Claims 4 and 16 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Chapman US 6,058,484 in view of Hsu US 5,982,898 in view of Asay US 5,903,882. 

3. As per claims 4, and 16, Chapman-Hsu discloses a short term certificates with limited 
validity. 

Asay discloses that a certificate that becomes invalid by age need not be on the schedule 
thus becomes invalid before the next scheduled CRL check, (Col 3 lines 1-4). 
It would be obvious to modify Chapman's PKI system with Asay's CRL to enable 
reduced network traffic. 



r 
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Claims 7, 9, 19, and 21 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Chapman US 6,058,484 in view of Hsu US 5,982,898 in view of Howell US 
5,276,901. 

4. As per claims 7, and 19, Chapman-Hsu discloses a short term certificate. Chapman- 
Hsu does not disclose a structured certificate. 

Howell discloses a certificate with access restricted folders contained therein (Col 5 lines 
23-30). 

It would be obvious to one skilled in the art to modify Chapman-Hsu with Howell's 
restricted access to increase security. 

As per claims 9, and 21, Chapman-Hsu discloses using a short term X.509 certificate, 

(Chapman Col 8 lines 33-43). 

Howell discloses restricted folders, (Col 5 line 23). 

It would be obvious to one skilled in the art to modify Chapmans x.509 with Howell's 
restricted folders, because the 509 format is supported by a number of different protocols, 
(Col 8 line 43), and the restricted folders add a measure of security. 

Claims 11, and 23 are rejected under 35 U.S.C- 103(a) as being unpatentable over 
Chapman US 6,058,484 in view of Hsu US 5,982,898 in view of Maruyama US 
6,393,563. 

5. As per claims 11, and 23 Chapman-Hsu does not disclose a smart card. 
Maruyama disclose a private key may be stored on a smartcard, (Col 1 line 20, 53-56). 
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It would be obvious to modify the Chapman-Hsu combination with Maruyama's smart 
card, because the smart card increases the security of key storage. 
Claims 12, and 24 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Chapman US 6,058,484 in view of Hsu US 5,982,898 in view of Kausik US 6,263,446. 

6. As per claims 12, and 24, Chapman-Hsu does not disclose a software wallet. 
Kausik discloses storing a private key in a software wallet, (Col 4 lines 1-6). 
It would be obvious to modify the Chapman-Hsu combination with Kausik 's software 
wallet because the wallet increases the security of key storage. 



Conclusion 

4. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Christopher J Brown whose telephone number is 703-305- 
8023. The examiner can normally be reached on 8:30-6:00. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory Morse can be reached on 703-308-4789. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 

Christopher J. Brown 





